#! /usr/bin/env python
# -*- coding: utf-8 -*-

"""
Copyright (c) 2013-2014 TangScan developers (http://www.wooyun.org/)
See the file 'docs/COPYING' for copying permission
author:test
"""

import re

from thirdparty import requests
from modules.exploit import TSExploit
import hashlib

__all__ = ['TangScan']


class TangScan(TSExploit):
    def __init__(self):
        super(self.__class__, self).__init__()
        self.info = {
            "name": "DVWA 漏洞认证",
            "product": "DVWA",
            "product_version": "1.9",
            "desc": """
               DVWA 存在漏洞,具体就不说了，因为我是用间接法认证的
            """,
            "license": self.license.TS,
            "author": ["test"],
            "ref": [
                {self.ref.wooyun: "http://www.xxx.com"},
            ],
            "type": self.type.injection,
            "severity": self.severity.high,
            "privileged": False,
            "disclosure_date": "2017-00-00",
            "create_date": "2017-08-23",
        }

        self.register_option({
            "url": {
                "default": "",
                "required": True,
                "choices": [],
                "convert": self.convert.url_field,
                "desc": "目标 url"
            }
        })

        self.register_result({
            "status": False,
            "data": {
                "user_info": "存在漏洞"
            },
            "description": "",
            "error": ""
        })

    def verify(self):
        self.print_debug("verify start")
        exp_url = ("{domain}/dvwa/images/login_logo.png".format(domain=self.option.url))

        try:
            r = requests.get(exp_url,timeout=15)
            if r.status_code == 200:
                fmd5=hashlib.md5(r.content)
                if fmd5.hexdigest() =='ffd60bd626088fec66b26e22a7bd81e3':#实际上为了保证间接检测正确性，一般要同时检测三个间接的指纹
                    self.result.status=True
                    self.result.description="检测到目标{url}为DVWA　1.9".format(url=self.option.url)
                    #print fmd5.hexdigest()
                else:
                    self.result.status=False
        except Exception, e:
            self.result.error = str(e)
    

    def exploit(self):
        pass


if __name__ == '__main__':
    from modules.main import main
    main(TangScan())
